We consider consent, data privacy, and transparency a top priority. Global initiatives such as the EU's General Data Protection Regulation (GDPR) are important steps to bring them to the center. Bringing the power to control personal information that we and other businesses store into the hands of you, the user, are an important pillar in building a service and community like DOYOU.

Our Commitment

Protecting your data is built into the core of our service. We only gather and store information that is absolutely necessary to offer our service, and we only do this with your consent. That’s why we are committed to complying with the privacy, security, and data protection goals of GDPR and beyond.

Along with a highly secure and robust system architecture, we have a variety of security measures in place to prevent unauthorized access and processing of personal data. To find out more about the data that we collect, check out our privacy policy and terms.

To accomplish full GDPR compliance, we have set up an internal compliance team that has been working with external specialists to assess our requirements and roll out the required changes.

Here’s an overview of what the steps we have taken to ensure your data is safe and in your hands.

GDPR Compliance

We have created and sustain awareness within the company regarding the Privacy by Default and Privacy by Design principles that need to be kept in mind for ongoing development.

We constantly carry out data mapping exercises to track the flow of personal data through our systems.

We established and are maintaining a clean data repository that is constantly updated. This gives us control over the data flowing through our systems, with clear processes for handling, securing, and storing this data.

Data Retention

To avoid storing and processing any of your data beyond the necessary period, we have established an automated data retention mechanism. Here’s how our data retention process works, when you as a customer close your account with us:

We delete your Personally Identifiable Information (PII) and all end-user data from our databases within a period of 120 days.

This includes deleting your profile and all your end-user information from our systems.

The only data we keep, is the data needed for further compliance, for example invoices, subscription information, and audit logs.

Consent Mechanism

We actively collect consent from your, wherever it’s applicable — especially in the case of any marketing communication.

We want you to have complete control over the communication you receive from us. To give you the option to withdraw your consent at any given time, all our emails feature a one-click unsubscribe link. We’re furthermore adding an easy way for you to manage your email preferences within the app.

Feature Development and Privacy Principles

We have a process in place which is built to guarantee all our features meet the standards of GDPR and beyond. Our product and engineering teams are following a Privacy by Design and Privacy by Default approach.

Exercising your rights under GDPR

We’ve added a dedicated privacy section to your profile settings to help you exercise your rights under GDPR or simply request your account (and all related data) to be deleted. Click here to check it out (you’ll need to login to your account to be able to access this link).

Note: This section is continuously being updated with our latest information and updates.

It's time to DOYOU and become your best self. Join the community and unlock your full potential.